Many websites provide the capability for users to login to view their personal information, or other information that the user wants to keep private, or even access the functionality provided by the website. Oftentimes, an added level of security is established by generating a challenge to a user attempting to login. Most commonly the challenge is the generation of a secret question or the generation of a Completely Automated Public Turing test to tell Computer and Humans Apart (CAPTCHA) to guard against possible fraudulent login attempts, and login by bots and other automated devices. Additional techniques exist to challenge the user, including those based on the user's ability to identify the chronology of calendar activities (recalling appointment times) or e-mails (identifying e-mails as new or old). However, the existing authentication challenge technologies do not utilize the account owner's social network activity information to generate a challenge that is both secure, i.e., not easily completed by a fraudulent user, and imposes minimal burden to a non-fraudulent user, i.e., the account owner can quickly, easily, and successfully complete the authentication challenge.